Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/uaxf2AGptn0k5nSChIQ5U9I-OzM.roa
File: uaxf2AGptn0k5nSChIQ5U9I-OzM.roa (raw, json)
Hash identifier: bH20ytgUK7nqS56x69xVlTEkEDFzbypHFv+jFwf5Z1I=
Subject key identifier: B9:AC:5F:D8:01:A9:B6:7D:24:E6:74:82:84:84:39:53:D2:3E:3B:33
Certificate issuer: /CN=30d58e40c6d91f3729e57e3344d308b5992fe46e
Certificate serial: 019427B68348A1C41917C77E4C036A0E6C6B
Authority key identifier: 30:D5:8E:40:C6:D9:1F:37:29:E5:7E:33:44:D3:08:B5:99:2F:E4:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MNWOQMbZHzcp5X4zRNMItZkv5G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/uaxf2AGptn0k5nSChIQ5U9I-OzM.roa
Signing time: Thu 02 Jan 2025 15:51:00 +0000
ROA not before: Thu 02 Jan 2025 15:51:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.130.49.0/24 maxlen: 24
2a13:141:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:83:48:a1:c4:19:17:c7:7e:4c:03:6a:0e:6c:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30d58e40c6d91f3729e57e3344d308b5992fe46e
Validity
Not Before: Jan 2 15:51:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b9ac5fd801a9b67d24e6748284843953d23e3b33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:da:f3:d0:3c:e2:28:83:9a:29:4a:00:46:77:
52:e3:f8:e8:ad:c9:e3:4f:16:1a:6a:f9:5a:3f:f4:
b7:c5:6e:d9:5e:73:bc:3d:e7:ca:01:95:db:b7:4f:
3a:36:b4:31:be:29:20:d0:9e:00:de:6a:48:02:cb:
5f:bb:ac:c3:21:1c:ec:8d:11:39:68:5e:9d:48:26:
04:de:6d:2f:cb:75:98:9d:65:fe:6f:ed:df:c0:b6:
9d:bd:ba:02:0f:ef:70:b6:34:78:f0:f5:e5:bc:3f:
bd:eb:e4:b7:ab:b4:94:ca:15:06:22:e4:f0:86:5d:
02:67:a0:06:87:6d:46:9e:b1:ab:45:13:20:7e:6e:
5a:13:bf:db:bb:14:a8:d7:b8:97:b4:07:db:43:c6:
54:1e:e0:f7:96:27:0e:16:4f:ca:aa:19:77:6b:7a:
cf:1e:06:09:3e:24:b5:c4:d3:69:fa:ad:7c:6a:4e:
f9:48:3e:77:d2:7b:49:71:96:33:9a:ec:af:aa:01:
cf:50:13:de:ac:8c:82:84:e3:0e:b2:5e:f7:a4:96:
aa:9f:97:ee:96:19:62:3c:1e:c8:dd:ec:87:86:4a:
a6:22:3d:2c:02:9c:54:a5:bd:ae:39:db:1b:f3:be:
ef:65:89:15:86:b4:bf:37:ef:d8:d0:98:b2:e1:34:
ef:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:AC:5F:D8:01:A9:B6:7D:24:E6:74:82:84:84:39:53:D2:3E:3B:33
X509v3 Authority Key Identifier:
keyid:30:D5:8E:40:C6:D9:1F:37:29:E5:7E:33:44:D3:08:B5:99:2F:E4:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MNWOQMbZHzcp5X4zRNMItZkv5G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/uaxf2AGptn0k5nSChIQ5U9I-OzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/MNWOQMbZHzcp5X4zRNMItZkv5G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.49.0/24
IPv6:
2a13:141:3::/48
Signature Algorithm: sha256WithRSAEncryption
68:b3:ef:64:64:4f:8f:3c:56:12:ba:c2:e1:86:90:39:c6:f9:
e6:4d:9d:f4:db:40:82:e3:27:8e:db:7c:1f:6b:dd:6f:da:4e:
96:eb:a7:d4:50:33:0d:a9:77:cb:6c:77:4b:f6:f8:07:96:e8:
b1:3e:79:fe:a9:94:83:8b:b8:c3:17:20:96:70:3e:60:09:23:
c9:bd:b1:70:89:22:c8:05:19:dc:31:57:a9:50:87:84:7a:4a:
45:a5:47:e2:2b:be:24:81:67:ca:27:39:fd:23:fd:18:a9:83:
c9:ee:03:b7:47:c8:6f:f0:42:8b:7f:12:36:87:77:63:2f:da:
12:5d:c2:fd:55:ea:00:ff:ad:1e:ba:78:41:9d:d3:32:bb:3f:
1e:d9:fd:40:ec:83:b8:78:7c:65:5c:f2:24:7b:20:61:29:d6:
c4:c7:a1:02:5d:c6:3e:b6:c7:d2:1b:e6:f3:9b:4a:81:ad:69:
43:99:8d:4d:f7:3b:62:29:50:31:84:85:2f:01:e3:5d:a0:db:
d3:c5:17:e2:7b:fa:df:22:f6:1b:9c:eb:a5:87:3b:74:64:c9:
d7:ad:96:35:2a:df:9e:2b:90:03:44:f4:d4:32:7e:34:b3:ef:
c8:fe:33:98:6c:13:a1:25:70:8d:9a:bd:26:0e:fe:fc:44:9a:
66:ae:d2:a3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQntoNIocQZF8d+TANqDmxrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZDU4ZTQwYzZkOTFmMzcyOWU1N2UzMzQ0ZDMwOGI1OTky
ZmU0NmUwHhcNMjUwMTAyMTU1MTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWFjNWZkODAxYTliNjdkMjRlNjc0ODI4NDg0Mzk1M2QyM2UzYjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0drz0DziKIOaKUoARndS4/jorcnj
TxYaavlaP/S3xW7ZXnO8PefKAZXbt086NrQxvikg0J4A3mpIAstfu6zDIRzsjRE5
aF6dSCYE3m0vy3WYnWX+b+3fwLadvboCD+9wtjR48PXlvD+96+S3q7SUyhUGIuTw
hl0CZ6AGh21GnrGrRRMgfm5aE7/buxSo17iXtAfbQ8ZUHuD3licOFk/Kqhl3a3rP
HgYJPiS1xNNp+q18ak75SD530ntJcZYzmuyvqgHPUBPerIyChOMOsl73pJaqn5fu
lhliPB7I3eyHhkqmIj0sApxUpb2uOdsb877vZYkVhrS/N+/Y0Jiy4TTvGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLmsX9gBqbZ9JOZ0goSEOVPSPjszMB8GA1UdIwQY
MBaAFDDVjkDG2R83KeV+M0TTCLWZL+RuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU5XT1FNYlpIemNwNVg0elJOTUl0Wmt2NUc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy82MjVhMzAtM2E2Yi00NjYxLTg0MGEt
ZjgyYjcwZDhhMGE3LzEvdWF4ZjJBR3B0bjBrNW5TQ2hJUTVVOUktT3pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy82MjVhMzAtM2E2Yi00NjYxLTg0MGEtZjgyYjcwZDhhMGE3
LzEvTU5XT1FNYlpIemNwNVg0elJOTUl0Wmt2NUc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuYIxMA8E
AgACMAkDBwAqEwFBAAMwDQYJKoZIhvcNAQELBQADggEBAGiz72RkT488VhK6wuGG
kDnG+eZNnfTbQILjJ47bfB9r3W/aTpbrp9RQMw2pd8tsd0v2+AeW6LE+ef6plIOL
uMMXIJZwPmAJI8m9sXCJIsgFGdwxV6lQh4R6SkWlR+IrviSBZ8onOf0j/Ripg8nu
A7dHyG/wQot/EjaHd2Mv2hJdwv1V6gD/rR66eEGd0zK7Px7Z/UDsg7h4fGVc8iR7
IGEp1sTHoQJdxj62x9Ib5vObSoGtaUOZjU33O2IpUDGEhS8B412g29PFF+J7+t8i
9huc66WHO3RkydetljUq354rkANE9NQyfjSz78j+M5hsE6ElcI2avSYO/vxEmmau
0qM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:18:03 2025 by rpki-client